no real-world use found for staying more than one version behind
The ssh vulnerability didn’t affect Debian because the packages were too many versions behind
AFAIK, the xz vulnerability was designed for Debian based on its workaround fixing systemd service status detection. Even if it shipped to something like Arch, the malicious code wouldn’t load.
Security through Geriatricity
Except this isn't true at all.
https://security-tracker.debian.org/tracker/CVE-2024-6387
Regresshion impacted bookworm and trixie both. Buster was too old.
With the downside of me doing an apt update and seeing that openssh-server was on
1:9.2p1-2+deb12u3and I had no idea at a glance if this included the fix or not (qualys's page states version 8.5p1-9.8p1 were vulnerable).If you are running debian bookworm or trixie, you absolutely should update your openssh-server package.
Isn’t this meme format completely written in sarcasm?
We're on a meme page. There is little difference between sarcasm and being serious here. It doesn't matter whether OP is being fully sarcastic or fully serious, people in the comments may hold the same opinion seriously, sarcastically, or with a mixture of both. The format is irrelevant
The xz/ssh back door made it into Debian testing, So I felt I should wipe and reinstall.
Debian has had a rolling release for ages.
well at least they aren't trying to make me install snaps, and patching apt so if I sudo apt install firefox it installs the snap version.
This should be a jailable crime.
especially as the hack flows downriver to distros with actual dignity like mint. Like this is pollution of the water supply dog!
The "install lib-blah-blah-blah" bit doesn't bother me 'cause whenever I need to make something work, I just copy and paste the "sudo apt install ..." commands straight from the internet :)
I also never used version pinning in debian
Don't
Erupt
Before
I
Am
Nevada
This is great! No better way to demonstrate how perfect Debian is! Debian for the win!
Debianties
Truly the dumbest meme template of the year.
I like it
I don't. So... uhm... you're wrong I guess.
This is a pretty old template iirc
It's so old it's still shipping in bookworm
Btw I use Debian
I use Debian btw
I would uninstall the screensaver so fast if I saw a nag screen. Wtf it's a screensaver, what does it matter? I'll use a version that's 50 years old if I want to.
Because the dev gets a huge number of bug reports for bugs that were resolved 5 versions ago.
They actually asked debian to stop shipping the screensaver, because they were getting tired of saying "this is already fixed, debian is just not going to ship the fix for another year". Debian didn't want to stop, so the dev added the nag screen, because it was the only way to stop the flood of bug reports for things that were already fixed.
I know this is just a meme, but the "Stop using xxx!" posts are really annoying.
Whaaat, i love them. They are so unpredictable. Sometimes they are fully serious opinions, sometimes only half serious and sometimes just fully ironic shitposts.
I think the comments calling them annoying are more annoying
I think it is a funny format
3debian5me
Oh, Debian!
KDE? Who needs anything other than FVWM2 or CDE?
As someone who loves the old designs (I've run Chicago95 for years now), the only thing stopping me from running CDE is it lacks first-class support from any distro I've used
I by way the Debian use.
NO REAL-WORLD USE FOUND for staying more than ONE VERSION behind
Joke's on you, my servers are largely unaffected by regreSSHion because they're too outdated.
so old that they are still vulnerable to the same vurnability
Okay... No.
debian? kde? arch? nixos? gentoo? Ubuntu? what the hell are all of these? just use mint, it basically fits every use case.
